2549 matches found

Cvelist
added 2017/10/30 2:0 p.m. | 24 views

CVE-2016-3090

The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling...

AI score 8.8 | EPSS 0.06142
Exploits 0 | References 4
Dsquare
added 2017/10/20 12:0 a.m. | 121 views

Apache Struts 2 Struts 1 Plugin ActionMessage < 2.3.32 RCE

Remote command execution vulnerability in Apache Struts 2 Struts 1 plugin ActionMessage class error message input handling Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

CVSS 7.5 | AI score 1.3 | EPSS 0.98931
Exploits 19
CNVD
added 2017/10/19 12:0 a.m. | 3 views

Apache Struts Remote Code Execution Vulnerability (CNVD-2017-32355)

Apache Struts is an open source project maintained by the Apache Software Foundation in the United States. It is an open source MVC framework for creating enterprise-class Java Web applications and mainly provides two versions of the framework, Struts 1 and Struts 2...

CVSS 9 | AI score 9 | EPSS 0.08341
Exploits 0 | References 1
UbuntuCve
added 2017/10/16 4:29 p.m. | 38 views

CVE-2016-4461

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

CVSS 9 | AI score 7.3 | EPSS 0.08341
Exploits 0 | References 2
NVD
added 2017/10/16 4:29 p.m. | 19 views

CVE-2016-4461

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

CVSS 9 | AI score 8.9 | EPSS 0.08341
Exploits 0 | References 3
Prion
added 2017/10/16 4:29 p.m. | 30 views

Design/Logic Flaw

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

CVSS 9 | AI score 8 | EPSS 0.08812
Exploits 0 | References 3 | Affected Software 1
OSV
added 2017/10/16 4:29 p.m. | 32 views

CVE-2016-4461

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

CVSS 8.8 | AI score 8.3
Exploits 0 | References 3
CVE
added 2017/10/16 4:0 p.m. | 76 views

CVE-2016-4461

CVE-2016-4461: Apache Struts vulnerability causing remote code execution via forced double OGNL evaluation. IBM/security bulletins show affected IBM FlashSystem products (V840, V900, Storwize/SAN volumes) with vulnerable VRMFs and the need to upgrade to fixed code levels. IBM Bulletins list affec...

CVSS 9 | AI score 8.8 | EPSS 0.08341
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2017/10/16 4:0 p.m. | 23 views

CVE-2016-4461

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

AI score 8.9 | EPSS 0.08341
Exploits 0 | References 3
myhack58
added 2017/10/11 12:0 a.m. | 45 views

To expose the spike Trend Micro multiple products RCE vulnerability flaws bug-a vulnerability warning-the black bar safety net

The framework of the network security of ever more and more give rise to a network security staff to the presence of dependents, for example, the Apache Struts case because within the framework of a wide range of vulnerabilities flaws bug the excitation of the network hits the firing presumably...

AI score 7.7
Exploits 0
OpenVAS
added 2017/10/06 12:0 a.m. | 33 views

Apache Struts 'Problem Report' XSS Vulnerability (S2-025)

Apache Struts is prone to a cross-site scripting XSS vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVSS 6.1 | AI score 6.2 | EPSS 0.08027
Exploits 0 | References 3
Tenable Nessus
added 2017/10/04 12:0 a.m. | 70 views

Oracle WebLogic Server Multiple Vulnerabilities

Binary data oracleweblogicserverCVE-2017-9805.nbin...

CVSS 10 | AI score 8.5 | EPSS 0.99999
Exploits 90 | References 12
The Hacker News
added 2017/10/02 9:23 p.m. | 128 views

Whoops, Turns Out 2.5 Million More Americans Were Affected By Equifax Breach

Equifax data breach was bigger than initially reported, exposing highly sensitive information of more Americans than previously revealed. Credit rating agency Equifax says an additional 2.5 million U.S. consumers were also impacted by the massive data breach the company disclosed last month,...

CVSS 10 | AI score 9.2 | EPSS 0.99999
Exploits 44
Fortinet
added 2017/09/29 12:0 a.m. | 66 views

Apache Struts RCE Vulnerability

Multiple Remote Code Execution vulnerabilities CVE-2017-9805, CVE-2017-9804, CVE-2017-9793 are affecting Apache Struts...

CVSS 6.8 | AI score 3.4 | EPSS 0.99461
Exploits 23
Broadcom
added 2017/09/29 12:0 a.m. | 7 views

BSA-2017-438

Security Advisory ID: BSA-2017-438 Component: Apache Struts Revision: 2.0: Interim It was found that Freemarker in Struts would permit using read-only properties in value assignment of tag expressions. An attacker could use this to execute arbitrary code. Affected Products Brocade is investigati...

CVSS 9.8 | AI score 7.4 | EPSS 0.8802
Exploits 6
OpenVAS
added 2017/09/28 12:0 a.m. | 22 views

Apache Struts Security Update (S2-042)

Apache Struts is prone to a path traversal vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

CVSS 9.8 | AI score 9.5 | EPSS 0.08438
Exploits 0 | References 5
OpenVAS
added 2017/09/28 12:0 a.m. | 20 views

Apache Struts Security Update (S2-044)

Apache Struts is prone to a Denial of Service DoS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVSS 5.9 | AI score 5.6 | EPSS 0.03347
Exploits 0 | References 5
OpenVAS
added 2017/09/28 12:0 a.m. | 23 views

Apache Struts Path Traversal Vulnerability (S2-042) - Linux

Apache Struts is prone to a path traversal vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVSS 9.8 | AI score 9.4 | EPSS 0.08438
Exploits 0 | References 2
OpenVAS
added 2017/09/28 12:0 a.m. | 20 views

Apache Struts DoS Vulnerability (S2-044) - Linux

Apache Struts is prone to a Denial of Service DoS vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVSS 5.9 | AI score 5.6 | EPSS 0.03347
Exploits 0 | References 2
ThreatPost
added 2017/09/26 2:28 p.m. | 75 views

Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug

Oracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities, including a critical remote code execution vulnerability CVE-2017-9805 that could let an attacker take control of an affected system, late last week. The Apache Software Foundation patched the RCE...

CVSS 10 | AI score 9.2 | EPSS 0.99999
Exploits 90 | References 10